Rising Kaka Security Forum

SREng log updated, please help, thanks in advance ~ -_-
醉入云烟 - 2011-5-21 4:41:00
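A few days ago I was on duty at work for 2 days. The computer was fine before I left. When I got home and turned it on, I found that IE could not get online no matter what; whatever I clicked, it stayed on the ABOUT blank page. QQ login is stuck on "connecting" forever……

Opening several programs is extremely slow; they basically do not respond.

I immediately opened Rising and ran a full-disk virus scan; no virus was found.

So I clicked Rising's update; nothing happened after clicking……, it cannot update.

Rebooted; it would not shut down for a long time, so I had to press the reset button on the case.

Entered F8 "heaven mode"

Dug out the long-neglected WINDOWS清理助手 (Windows Cleanup Assistant) and other dedicated removal tools from drive D, ran them all, and found nothing at all.

Searched online; there is something called 鬼影 (Ghost Shadow)?

Downloaded Kingsoft's 鬼影 removal tool…… no virus or trojan found

Downloaded 360; no virus found, and instead the 360 firewall seemed to be killed instantly right after it was installed

Then used 360 Safe Box (360保险箱), which turned up a 特洛伊.win32.thsys; 3 items were detected at the time, and all were repaired.

Rebooted, started up, everything the same as before.

Then downloaded Keniu antivirus (可牛杀毒); it found nothing, and its virus-database update froze at 30%.

Today I also downloaded Kingsoft Guard (金山卫士); the scan froze at 99% and found no virus.

In F8 safe mode with networking, I searched online; apparently Kaspersky and Norton are no use either, so I did not download them.

I have been extremely frustrated these past few days; the computer has important data on it, so I cannot format and reinstall.

Help!!!!!!!!!!!!!!!!!

Updated SREng log follows: (When SR scanned just now, ticking the security updates item made it hang there scanning forever!?)

Exceeded the character limit; see post #11 for details……-_-

User system information: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6.4; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727)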
天月来了 - 2011-5-21 7:40:00
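You mean you can get online in safe mode?? But not in the normal system???

Try uninstalling all non-Microsoft programs in normal mode, especially any software that starts automatically at boot.

Because the main difference between safe mode and normal mode is that all non-Microsoft software that can start automatically at boot does not start in safe mode.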
醉入云烟 - 2011-5-21 16:34:00
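It is not that the normal system cannot connect to the network; it is that IE cannot open websites, Rising cannot update, Keniu's update gets stuck at 30%, and QQ cannot get online.
But the fact that Keniu can update shows the network is there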
天月来了 - 2011-5-21 16:56:00
Oh, try uninstalling some of the security software and see how it goes

Then scan an SREng log for us to look at
醉入云烟 - 2011-5-21 17:03:00
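Just made another new discovery.
Scanning with LuDaShi (鲁大师), I found that the graphics card and monitor have become "Unknown"
Not sure whether that is because I am in safe mode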
醉入云烟 - 2011-5-21 17:05:00
Should SREng scan in safe mode or in a normal startup?
醉入云烟 - 2011-5-21 17:06:00
A bit afraid to go into normal mode now……:kaka3:
天月来了 - 2011-5-21 17:13:00
Scan with SREng in normal mode
醉入云烟 - 2011-5-21 17:16:00
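Just now, as I was about to reboot into normal mode, I found: the IE on the desktop and the IE in the Start menu now open My Documents instead……. I'm stunned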
醉入云烟 - 2011-5-21 17:17:00
Checked, and I have also been hit by the 数字大盗 trojan, I'm about to faint, win32.3rdloader.xbt. Got hit even in safe mode……
醉入云烟 - 2011-5-21 18:22:00
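Updated SREng log follows:
(When SR scanned just now, ticking the security updates item made it hang there scanning forever!?), one screenshot also attached
[code]2011-05-21,18:07:52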
System Repair Engineer 2.8.4.1331
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TurboV Help><"C:\Program Files\ASUS\TurboV EVO\TurboVHelp.exe">  [ASUSTek]
    <TurboV EVO><"C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe">  [ASUSTek]
    <JMB36X IDE Setup><C:\WINDOWS\RaidTool\xInsIDE.exe>  []
    <QFan Help><"C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe">  []
    <Cpu Level Up help><"C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe">  []
    <Six Engine><"C:\Program Files\ASUS\Six Engine\SixEngine.exe" -b>  []
    <knsdtray><"D:\Keniu\Keniu Shadu\knsdtray.exe" -autorun>  [(Verified)Keniu Network Technology (Beijing) Co., Ltd.]
    <KSafeTray><"D:\KSafe\KSafeTray.exe" -autorun>  [(Verified)Kingsoft Security Co.,Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <N/A><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[ASUS System Control Service / AsSysCtrlService][Running/Auto Start]
  <C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe><N/A>
[Ati HotKey Poller / Ati HotKey Poller][Stopped/Manual Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
  <C:\WINDOWS\system32\ati2sgag.exe><>
[DeviceVM Meta Data Export Service / DvmMDES][Running/Auto Start]
  <"C:\ASUS.SYS\config\DVMExportService.exe"><DeviceVM, Inc.>
[GP_CLT_Service / GP_CLT_Service][Running/Auto Start]
  <C:\WINDOWS\system32\GP_CLT_Service.exe><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[ICBC Daemon Service / ICBC Daemon Service][Running/Auto Start]
  <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\IcbcDaemon.exe><N/A>
[Keniu Shadu Antivirus Engine / kavehost][Running/Manual Start]
  <"D:\Keniu\Keniu Shadu\Ave\knsdave.exe" -svc><N/A>
[Kingsoft Rescue Service / Kingsoft Rescue Service][Running/Auto Start]
  <D:\杀毒工具\KSM\ksmsvc.exe><>
[Keniu Shadu Service / knsdsvc][Running/Auto Start]
  <"D:\Keniu\Keniu Shadu\knsdsvc.exe" -svc><Keniu Network Technology.>
[KSafe service / KSafeSvc][Running/Auto Start]
  <"D:\KSafe\KSafeSvc.exe" -svc><Kingsoft Corporation>
[OnKey Service _ICBC / OnKey Service _ICBC][Running/Auto Start]
  <C:\WINDOWS\system32\D4Ser_ICBC.exe><Tendyron Corporation>
[Rsd Service / RsMgrSvc][Running/Auto Start]
  <"C:\Program Files\Rising\RSD\RsMgrSvc.exe"><Beijing Rising Information Technology Co., Ltd.>
[RIS Service / RsRISMon][Running/Auto Start]
  <"C:\Program Files\Rising\RIS\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.>
[XLDoctor Services / XLDoctor Services][Stopped/Manual Start]
  <D:\Thunder Network\Thunder\Program\DctSer.exe><深圳市迅雷网络技术有限公司>
==================================
驱动程序
[AsIO / AsIO][Running/System Start]
  <system32\drivers\AsIO.sys><N/A>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[ATI Function Driver for High Definition Audio Service / AtiHdmiService][Running/Manual Start]
  <system32\drivers\AtiHdmi.sys><ATI Research Inc.>
[BC / BC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\BC.sys><Kingsoft Corporation>
[bootsafe / bootsafe][Running/Boot Start]
  <\SystemRoot\system32\Drivers\bootsafe.sys><>
[CIDC USB KEY Driver / CIDCUSB][Stopped/Manual Start]
  <System32\Drivers\CIDCUSB.sys><CIDC.>
[ComputerZ / ComputerZ][Stopped/Manual Start]
  <\??\D:\电脑检测工具\鲁大师\LuDaShi\ComputerZ.sys><鲁大师>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[hooksys / hooksys][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\Hooksys.sys><Beijing Rising Information Technology Co., Ltd.>
[HookTdi / HookTdi][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\HookTdi.sys><Beijing Rising Information Technology Co., Ltd.>
[hptpro / hptpro][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[HTC Device Driver / HTCAND32][Stopped/Manual Start]
  <System32\Drivers\ANDROIDUSB.sys><HTC1124 Inc>
[HyperVM / HyperVM][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\hvm.sys><Beijing Rising Information Technology Co., Ltd.>
[JRAID / JRAID][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\jraid.sys><JMicron Technology Corp.>
[kmodurl / kmodurl][Running/System Start]
  <\??\D:\KSafe\kmodurl.sys><Kingsoft Corporation>
[KnsdBootCheck / KnsdBootCheck][Running/Boot Start]
  <\SystemRoot\system32\Drivers\knbc.sys><Keniu Network Technology.>
[ksapi / ksapi][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\ksapi.sys><Kingsoft Corporation>
[Mouse HID Driver / mouhid][Stopped/Manual Start]
  <system32\DRIVERS\mouhid.sys><N/A>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[Nokia USB Phone Parent Driver / nmwcd][Stopped/Manual Start]
  <system32\drivers\ccdcmb.sys><Nokia>
[Nokia USB Communication Driver / nmwcdc][Stopped/Manual Start]
  <system32\drivers\ccdcmbo.sys><Nokia>
[NPPTNT2 / NPPTNT2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[PortTalk / PortTalk][Stopped/Manual Start]
  <System32\Drivers\PortTalk.sys><Beyond Logic http://www.beyondlogic.org>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rising RfwARP Driver / RFWARP][Running/Auto Start]
  <system32\DRIVERS\rfwarp.sys><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwNdis Driver / RFWNDIS][Running/Manual Start]
  <system32\DRIVERS\rfwndis.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\C:\Program Files\Rising\RIS\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\RIS\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <System32\Drivers\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[skvkrpr / skvkrpr][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\skvkrpr.sys><Kingsoft Corporation>
[Symantec Network Security Intermediate Filter Service / SymIM][Stopped/Manual Start]
  <system32\DRIVERS\SymIM.sys><Symantec Corporation>
[SymIMMP / SymIMMP][Stopped/Manual Start]
  <system32\DRIVERS\SymIM.sys><Symantec Corporation>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[upperdev / upperdev][Stopped/Manual Start]
  <system32\DRIVERS\usbser_lowerflt.sys><Nokia>
[UsbserFilt / UsbserFilt][Stopped/Manual Start]
  <system32\DRIVERS\usbser_lowerfltj.sys><Nokia>
[VIA High Definition Audio Driver Service / VIAHdAudAddService][Running/Manual Start]
  <system32\drivers\viahduaa.sys><VIA Technologies, Inc.>
==================================
浏览器加载项
[迅雷下载支持]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll, (Signed) 深圳市迅雷网络技术有限公司>
[ICBC Anti-Phishing class]
  {BB4491A2-D11A-4c6b-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[Store Class]
  {1086BE51-00F5-4371-A449-9A2DECE1B138} <C:\WINDOWS\system32\ABCCECom.ocx, (Signed) Feitian Technologies Co., Ltd.>
[]
  {1663ed61-23eb-11d2-b92f-008048fdd814} <, >
[Axcleanctrl Class]
  {36C9539B-49D2-01C7-9C6D-10DACDFEA59C} <C:\WINDOWS\system32\icbcclean.dll, (Signed) >
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[]
  {6EA2869B-5A14-4DCB-9E0A-084F74BB20F5} <, >
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\InputControl.dll, (Signed) >
[AxSubmitControl Class]
  {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SubmitControl.dll, (Signed) >
[]
  {F2AF4FB7-CC87-49C9-B147-E1BAAC82BCDD} <, >
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[迅雷下载支持]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll, (Signed) 深圳市迅雷网络技术有限公司>
[ICBC Anti-Phishing class]
  {BB4491A2-D11A-4C6B-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10q.ocx, (Signed) Adobe Systems, Inc.>
[&使用优蛋下载]
  <D:\115\UDown\getUrl.htm, N/A>
[使用迅雷下载]
  <D:\Thunder Network\Thunder\BHO\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Thunder Network\Thunder\BHO\GetAllUrl.htm, N/A>
==================================
醉入云烟 - 2011-5-21 18:23:00
正在运行的进程
[PID: 564 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 624 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1316 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4179]
    [C:\WINDOWS\system32\atiadlxx.dll]  [Advanced Micro Devices, Inc., 6.14.10.1054]
[PID: 1360 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 1372 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1540 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1620 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1816 / SYSTEM][C:\Program Files\Rising\RSD\RsMgrSvc.exe]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.29]
    [C:\Program Files\Rising\RSD\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
    [C:\Program Files\Rising\RSD\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1828 / SYSTEM][C:\Program Files\Rising\RIS\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 14]
    [C:\Program Files\Rising\RIS\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 16]
    [C:\Program Files\Rising\RIS\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
    [C:\Program Files\Rising\RIS\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
    [C:\Program Files\Rising\RIS\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
    [C:\Program Files\Rising\RIS\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.3]
    [C:\Program Files\Rising\RIS\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
    [C:\Program Files\Rising\RIS\Rslog.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.23]
    [C:\Program Files\Rising\RIS\RsStore.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
    [C:\Program Files\Rising\RIS\mondrvd.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11]
    [C:\Program Files\Rising\RIS\defmon.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 61]
    [C:\Program Files\Rising\RIS\moncom08.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
    [C:\Program Files\Rising\RIS\taskplug.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
    [C:\Program Files\Rising\RIS\mondrvm.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]
    [C:\Program Files\Rising\RIS\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 32]
    [C:\Program Files\Rising\RIS\FileMon.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 33]
    [C:\Program Files\Rising\RIS\MailMon.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 55]
    [C:\Program Files\Rising\RIS\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]
    [C:\Program Files\Rising\RIS\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\RIS\rfwsrv.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.90]
    [C:\Program Files\Rising\RIS\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
    [C:\Program Files\Rising\RIS\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]
    [C:\Program Files\Rising\RIS\rfwdrvc.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.36]
    [C:\Program Files\Rising\RIS\fishweb.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 26]
    [C:\Program Files\Rising\RIS\rsindent.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.1.0]
    [C:\Program Files\Rising\RIS\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\RIS\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
    [C:\Program Files\Rising\RIS\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
    [C:\Program Files\Rising\RIS\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 8]
    [C:\Program Files\Rising\RIS\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\RIS\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\RIS\hookTdi.dll]  [Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 9]
    [C:\Program Files\Rising\RIS\BACore.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 57]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\Program Files\Rising\RIS\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]
    [C:\Program Files\Rising\RIS\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
    [C:\Program Files\Rising\RIS\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]
    [C:\Program Files\Rising\RIS\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]
    [C:\Program Files\Rising\RIS\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
    [C:\Program Files\Rising\RIS\bawhite.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]
    [C:\Program Files\Rising\RIS\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.31]
    [C:\Program Files\Rising\RIS\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 68]
    [C:\Program Files\Rising\RIS\fwfish.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 4]
    [C:\Program Files\Rising\RIS\fwcomp.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11]
    [C:\Program Files\Rising\RIS\fwfs.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]
    [C:\Program Files\Rising\RIS\fwvirlib.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]
    [C:\Program Files\Rising\RIS\fwlibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
    [C:\Program Files\Rising\RIS\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 25.0.0.7]
    [C:\Program Files\Rising\RIS\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 17]
    [C:\Program Files\Rising\RIS\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 28]
    [C:\Program Files\Rising\RIS\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7]
    [C:\Program Files\Rising\RIS\engext.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 16]
    [C:\Program Files\Rising\RIS\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2]
    [C:\Program Files\Rising\RIS\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7]
    [C:\Program Files\Rising\RIS\scantj.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9]
    [C:\Program Files\Rising\RIS\vmicore.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 17]
    [C:\Program Files\Rising\RIS\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]
    [C:\Program Files\Rising\RIS\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 0]
    [C:\Program Files\Rising\RIS\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7]
    [C:\Program Files\Rising\RIS\ur029.dat]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2]
[PID: 1884 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 316 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 612 / SYSTEM][D:\杀毒工具\KSM\ksmsvc.exe]  [, 2010,10,27,1479]
    [D:\杀毒工具\KSM\kdump.dll]  [Kingsoft Corporation, 2010,10,11,1453]
    [D:\杀毒工具\KSM\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\杀毒工具\KSM\kxebase.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\杀毒工具\KSM\scom.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\杀毒工具\KSM\kxecore\kxelog.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\杀毒工具\KSM\kxecore\kxecore.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [D:\杀毒工具\KSM\kxecore\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [D:\杀毒工具\KSM\ksmcorex.dll]  [Kingsoft Corporation, 2011,05,12,1951]
    [D:\杀毒工具\KSM\ksapi.dll]  [Kingsoft Corporation, 2011,05,04,30]
    [D:\杀毒工具\KSM\ksmbrfix.dll]  [Kingsoft Corporation, 2010,09,13,1403]
    [D:\杀毒工具\KSM\sqlite.dll]  [N/A, ]
    [D:\杀毒工具\KSM\ksbwsspx.dll]  [Kingsoft Corporation, 2010,05,27,1072]
    [D:\杀毒工具\KSM\ksecorex.dll]  [Kingsoft Corporation, 2011,05,20,1673]
    [D:\杀毒工具\KSM\khandler.dll]  [Kingsoft Corporation, 2011,04,08,1844]
    [D:\杀毒工具\KSM\kae\kaecore.dat]  [Kingsoft Corporation, 2010,12,28,110]
    [D:\杀毒工具\KSM\ksbwdet2.dll]  [Kingsoft Corporation, 2011,04,28,1920]
    [D:\杀毒工具\KSM\kcldrep.dll]  [Kingsoft Corporation, 2011,04,25,1905]
    [D:\杀毒工具\KSM\kavifr.dll]  [Kingsoft Corporation, 2010,05,25,74]
[PID: 660 / SYSTEM][D:\Keniu\Keniu Shadu\knsdsvc.exe]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\Ave\kave8.dll]  [Kaspersky Lab., 8, 0, 2, 54]
    [D:\Keniu\Keniu Shadu\Ave\FSSync.dll]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\kavesd.dll]  [N/A, ]
    [D:\Keniu\Keniu Shadu\Ave\kavessi.dll]  [N/A, ]
    [D:\Keniu\Keniu Shadu\Ave\ipclib.dll]  [N/A, ]
    [D:\Keniu\Keniu Shadu\Ave\Queue.dll]  [N/A, ]
[PID: 700 / SYSTEM][D:\KSafe\KSafeSvc.exe]  [Kingsoft Corporation, 3.0.0.1491]
    [D:\KSafe\kdump.dll]  [Kingsoft Corporation, 2011,03,08,1746]
    [D:\KSafe\kxebase.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [D:\KSafe\scom.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [D:\KSafe\kxecore\kxecore.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [D:\KSafe\kse\ksbcommsp.dll]  [Kingsoft Corporation, 2011,02,14,1702]
    [D:\KSafe\kexectrl.dll]  [Kingsoft Corporation, 2010,09,18,1422]
    [D:\KSafe\kwssp.dll]  [Kingsoft Corporation, 2011.05.18.1491]
    [D:\KSafe\json.dll]  [N/A, ]
    [D:\KSafe\netstat.dll]  [Kingsoft Corporation, 3.0.0.1496]
    [D:\KSafe\fwproxy.dll]  [Kingsoft Corporation, 3.0.0.1496]
    [D:\KSafe\kse\BKReScan.dll]  [Kingsoft Corporation, 2011,03,04,1740]
    [D:\KSafe\kse\sqlite.dll]  [Kingsoft Corporation, 2010,03,30,781]
    [D:\KSafe\kse\ksbwdet2.dll]  [Kingsoft Corporation, 2011,04,28,1920]
    [D:\KSafe\kse\ksecansp.dll]  [Kingsoft Corporation, 2011,04,21,1878]
    [D:\KSafe\kse\ksecorex.dll]  [Kingsoft Corporation, 2011,04,27,1624]
    [D:\KSafe\KEng\kae\kaecore.dat]  [Kingsoft Corporation, 2010,12,16,1454]
    [D:\KSafe\kse\wfs.dll]  [Kingsoft Corporation, 2011,04,20,1616]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\KSafe\KEng\kae\karchive.dat]  [Kingsoft Corporation, 2010,12,16,1454]
    [D:\KSafe\KEng\kae\kaearcha.dat]  [Kingsoft Corporation, 2010,12,16,1454]
    [D:\KSafe\KEng\kae\kaeolea.dat]  [Kingsoft Corporation, 2010,12,16,1454]
    [D:\KSafe\KEng\kae\kaearchb.dat]  [Kingsoft Corporation, 2011,02,14,1540]
    [D:\KSafe\KEng\kae\kaeunpak.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [D:\KSafe\KEng\kae\kaeunpack.dat]  [Kingsoft Corporation, 2010,07,18,365]
    [D:\KSafe\KEng\kae\kaecoref.dat]  [Kingsoft Corporation, 2010,12,16,1454]
    [D:\KSafe\KEng\kae\kaecorem.dat]  [Kingsoft Corporation, 2010,10,26,1328]
    [D:\KSafe\KEng\kae\kaecorea.dat]  [Kingsoft Corporation, 2010,12,16,1454]
[PID: 484 / SYSTEM][C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe]  [N/A, ]
    [C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsAcpi.dll]  [ASUS, 1, 0, 5, 0]
[PID: 1576 / SYSTEM][C:\ASUS.SYS\config\DVMExportService.exe]  [DeviceVM, Inc., 1.2.5.10]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1660 / SYSTEM][C:\WINDOWS\system32\GP_CLT_Service.exe]  [, 1, 0, 1, 10]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1676 / SYSTEM][C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\IcbcDaemon.exe]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1708 / SYSTEM][C:\WINDOWS\system32\D4Ser_ICBC.exe]  [Tendyron Corporation, 1, 0, 0, 1]
[PID: 1868 / SYSTEM][C:\WINDOWS\system32\D4MON_ICBC.exe]  [Tendyron Corporation, 1, 0, 0, 0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
[PID: 224 / SYSTEM][D:\Keniu\Keniu Shadu\Ave\knsdave.exe]  [N/A, ]
    [D:\Keniu\Keniu Shadu\Ave\knavpp.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\Ave\oas.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\kneng.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\knatrun.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\knbak.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\kndb.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\kncache.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\Ave\ipclib.dll]  [N/A, ]
    [D:\Keniu\Keniu Shadu\Ave\kavess.dll]  [N/A, ]
    [D:\Keniu\Keniu Shadu\Ave\FSSync.dll]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\prloader.dll]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\nfio.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\fsdrvplg.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\winreg.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\params.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\tm.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\schedule.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\timer.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\thpimpl.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\report.ppl]  [Kaspersky Lab, 9.0.0.720]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Keniu\Keniu Shadu\Ave\procmon.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\hashmd5.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\reportdb.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\klsrlsvc.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\regmap.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\propmap.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\filemap.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\crpthlpr.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\dtreg.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\avs.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\avpmgr.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\avlib.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\wdiskio.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\avspm.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\dmap.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\bases\kavbase.kdl]  [Kaspersky Lab ZAO, 2.1.5.41]
    [D:\Keniu\Keniu Shadu\Ave\bases\klavemu.kdl]  [Kaspersky Lab ZAO, 10.37.19.29]
    [D:\Keniu\Keniu Shadu\Ave\bases\kjim.kdl]  [Kaspersky Lab ZAO, 5.6.7.1]
    [D:\Keniu\Keniu Shadu\Ave\bases\vlns.kdl]  [Kaspersky Lab, 1.4.3.1]
    [D:\Keniu\Keniu Shadu\Ave\bases\mark.kdl]  [Kaspersky Lab ZAO, 4.4.2.1]
    [D:\Keniu\Keniu Shadu\Ave\bases\qscan.kdl]  [Kaspersky Lab ZAO, 3.1.28.0]
    [D:\Keniu\Keniu Shadu\Ave\bases\kavsys.kdl]  [Kaspersky Lab ZAO, 1.6.24.0]
    [D:\Keniu\Keniu Shadu\Ave\icheck3.ppl]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\Ave\bases\webav.kdl]  [Kaspersky Lab, 1.4.3.1]
    [D:\Keniu\Keniu Shadu\Ave\ntfsstrm.ppl]  [Kaspersky Lab, 9.0.0.720]
[PID: 2540 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
醉入云烟 - 2011-5-21 18:24:00
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [D:\Keniu\Keniu Shadu\knsfmon.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\KSafe\ksfmon.dll]  [Kingsoft Corporation, 3.0.0.1498]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 9.4.0.195]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [, ]
[PID: 2612 / Administrator][C:\WINDOWS\system32\GP_CLT.exe]  [, 2, 0, 0, 8]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\WINDOWS\system32\GP_IFD.dll]  [CIDC., 1, 0, 17, 45]
    [C:\WINDOWS\system32\GP_COS.dll]  [, 2, 0, 1, 17]
    [C:\WINDOWS\system32\GP_RES.dll]  [, 2, 0, 1, 14]
[PID: 2616 / Administrator][C:\WINDOWS\system32\GP_CLT.exe]  [, 2, 0, 0, 8]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\WINDOWS\system32\GP_IFD.dll]  [CIDC., 1, 0, 17, 45]
    [C:\WINDOWS\system32\GP_COS.dll]  [, 2, 0, 1, 17]
    [C:\WINDOWS\system32\GP_RES.dll]  [, 2, 0, 1, 14]
[PID: 2792 / NETWORK SERVICE][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2804 / Administrator][C:\Program Files\ASUS\TurboV EVO\TurboVHelp.exe]  [ASUSTek, 1.0.0.1]
    [C:\Program Files\ASUS\TurboV EVO\ASACPI.DLL]  [ASUS, 1, 0, 6, 0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\Program Files\ASUS\TurboV EVO\HookKey32.dll]  [, 1, 0, 2, 0]
    [C:\Program Files\ASUS\TurboV EVO\pngio.dll]  [N/A, ]
    [C:\Program Files\ASUS\TurboV EVO\flashobj.dll]  [N/A, ]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10q.ocx]  [Adobe Systems, Inc., 10,3,181,14]
[PID: 2868 / Administrator][C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe]  [, 1.0.0.2]
    [C:\Program Files\ASUS\AI Suite\QFan3\ASACPI.DLL]  [ASUS, 1, 0, 6, 0]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\Program Files\ASUS\AI Suite\QFan3\QFan.dll]  [AsusTek Inc., 1, 0, 0, 0]
    [C:\WINDOWS\system32\AsIo.dll]  [, 1, 0, 0, 1]
[PID: 2928 / Administrator][C:\Program Files\ASUS\Six Engine\SixEngine.exe]  [, 1.0.0.12]
    [C:\Program Files\ASUS\Six Engine\ASACPI.DLL]  [ASUS, 1, 0, 6, 0]
    [C:\Program Files\ASUS\Six Engine\ASUSSERVICE.DLL]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\Program Files\ASUS\Six Engine\AiGear.dll]  [AsusTek Inc., 1, 0, 10, 0]
    [C:\Program Files\ASUS\Six Engine\pngio.dll]  [N/A, ]
    [C:\WINDOWS\system32\AsIo.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll]  [, 1, 0, 0, 1]
[PID: 2952 / Administrator][D:\Keniu\Keniu Shadu\knsdtray.exe]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\knsfmon.dll]  [Keniu Network Technology., 1.0.3.1018]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [D:\Keniu\Keniu Shadu\kndb.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\kneng.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\knatrun.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\knbak.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\kncache.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\knescan.dll]  [Keniu Network Technology., 1.0.0.1109]
    [D:\Keniu\Keniu Shadu\kse\ksbwdet2.dll]  [Kingsoft Corporation, 2010,11,04,1495]
    [D:\Keniu\Keniu Shadu\kse\sqlite.dll]  [Kingsoft Corporation, 2010,07,05,1194]
    [D:\Keniu\Keniu Shadu\knavp.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\Ave\kave8.dll]  [Kaspersky Lab., 8, 0, 2, 54]
    [D:\Keniu\Keniu Shadu\Ave\FSSync.dll]  [Kaspersky Lab, 9.0.0.720]
    [D:\Keniu\Keniu Shadu\knup.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\Keniu\Keniu Shadu\zlib1.dll]  [, 1.2.3]
    [D:\Keniu\Keniu Shadu\Ave\kavesd.dll]  [N/A, ]
    [D:\Keniu\Keniu Shadu\Ave\kavessi.dll]  [N/A, ]
    [D:\Keniu\Keniu Shadu\Ave\ipclib.dll]  [N/A, ]
    [D:\Keniu\Keniu Shadu\Ave\Queue.dll]  [N/A, ]
    [D:\Keniu\Keniu Shadu\kplugeng.dll]  [Keniu Network Technology., 1.0.3.1018]
[PID: 2960 / Administrator][C:\Program Files\Rising\RIS\RSTRAY.EXE]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.11]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\RIS\comserv.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.13]
    [C:\Program Files\Rising\RIS\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
    [C:\Program Files\Rising\RIS\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
    [C:\Program Files\Rising\RIS\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
    [C:\Program Files\Rising\RIS\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
    [C:\Program Files\Rising\RIS\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]
    [C:\Program Files\Rising\RIS\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [C:\Program Files\Rising\RIS\ScanEvnt.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.10]
    [C:\Program Files\Rising\RIS\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.11]
    [C:\Program Files\Rising\RIS\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]
    [C:\Program Files\Rising\RIS\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\RIS\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]
    [C:\Program Files\Rising\RIS\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
    [C:\Program Files\Rising\RIS\mruleui.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 10]
    [C:\Program Files\Rising\RIS\MonTray.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.94]
    [C:\Program Files\Rising\RIS\rfwtray.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 64]
    [C:\Program Files\Rising\RIS\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.6]
    [C:\Program Files\Rising\RIS\UsbServ.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
    [C:\Program Files\Rising\RIS\ScanTray.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.54]
    [C:\Program Files\Rising\RIS\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Rising\RIS\dfw.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.66]
    [C:\Program Files\Rising\RIS\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.30]
    [C:\Program Files\Rising\RIS\GCompt.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.51]
    [C:\Program Files\Rising\RIS\Isol.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.14]
    [C:\Program Files\Rising\RIS\rsstore.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]
    [C:\Program Files\Rising\RIS\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]
[PID: 3024 / Administrator][D:\KSafe\KSafeTray.exe]  [Kingsoft Corporation, 3.0.0.1498]
    [D:\KSafe\ksfmon.dll]  [Kingsoft Corporation, 3.0.0.1498]
    [D:\KSafe\kdump.dll]  [Kingsoft Corporation, 2011,03,08,1746]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [D:\KSafe\krunopt.dll]  [Kingsoft Corporation, 3.0.0.1491]
    [D:\KSafe\ksafedb.dll]  [Kingsoft Corporation, 3.0.0.1491]
    [D:\KSafe\kwsctrl.dll]  [Kingsoft Corporation, 3.0.0.1491]
    [D:\Keniu\Keniu Shadu\knsfmon.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\KSafe\kse\bkrescan.dll]  [Kingsoft Corporation, 2011,03,04,1740]
    [D:\KSafe\kse\sqlite.dll]  [Kingsoft Corporation, 2010,03,30,781]
    [D:\KSafe\ksafeup.dll]  [Kingsoft Corporation, 3.0.0.1491]
    [D:\KSafe\zlib1.dll]  [, 1.2.3]
    [D:\KSafe\ksafevul.dll]  [Kingsoft Corporation, 3.0.0.1491]
    [D:\KSafe\kavmgr.dll]  [Kingsoft Corporation, 3.0.0.1491]
    [C:\Program Files\ASUS\TurboV EVO\HookKey32.dll]  [, 1, 0, 2, 0]
[PID: 3116 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
[PID: 3664 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2468 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 3852 / SYSTEM][C:\Program Files\Rising\RIS\CloudSys.exe]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 41]
    [C:\Program Files\Rising\RIS\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]
[PID: 3716 / Administrator][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\KSafe\ksfmon.dll]  [Kingsoft Corporation, 3.0.0.1498]
    [D:\Keniu\Keniu Shadu\knsfmon.dll]  [Keniu Network Technology., 1.0.3.1018]
    [D:\KSafe\kwsui.dll]  [Kingsoft Corporation, 2011.05.18.1491]
    [D:\KSafe\kdump.dll]  [Kingsoft Corporation, 2011,03,08,1746]
    [D:\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2011.05.18.1491]
    [D:\KSafe\kswbc.dll]  [Kingsoft Corporation, 2011.05.18.1491]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [D:\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll]  [深圳市迅雷网络技术有限公司, 7,1,4,2104]
    [C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.6101.0]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll]  [中国工商银行, 1.0.6.29]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Thunder Network\Thunder\BHO\xldb.7.1.4.2104.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 1, 6]
    [D:\Thunder Network\Thunder\BHO\xldp.7.1.4.2104.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 23]
    [C:\Program Files\ASUS\TurboV EVO\HookKey32.dll]  [, 1, 0, 2, 0]
[PID: 2068 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe]  [(Verified) Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 548 / Administrator][D:\杀毒工具\SRENG\sr-engldr.EXE]  [Smallfrogs Studio, 2.8.4.1331]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\KSafe\ksfmon.dll]  [Kingsoft Corporation, 3.0.0.1498]
    [D:\Keniu\Keniu Shadu\knsfmon.dll]  [Keniu Network Technology., 1.0.3.1018]
    [C:\WINDOWS\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.5768 (xpsp_sp3_gdr.090226-1442)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [D:\杀毒工具\SRENG\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1      localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1316, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2612, C:\WINDOWS\SYSTEM32\GP_CLT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2616, C:\WINDOWS\SYSTEM32\GP_CLT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2804, C:\PROGRAM FILES\ASUS\TURBOV EVO\TURBOVHELP.EXE]
==================================
计划任务
N/A
==================================
Windows 安全更新检查
N/A
==================================
API HOOK
入口点错误:LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: 0x012B02F1)
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x012702F1)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x012802F1)
入口点错误:ShellExecuteExW (危险等级: 高,  被下面模块所HOOK: 0x012502F1)
入口点错误:ShellExecuteW (危险等级: 高,  被下面模块所HOOK: 0x012402F1)
==================================
隐藏进程
N/A
==================================[/code]
baohe - 2011-5-21 20:55:00
Rising + Keniu + Duba!!!

Yikes!

I suggest installing only one antivirus product.
醉入云烟 - 2011-5-22 9:04:00
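Before this I only had Rising installed. It was only after getting infected that I started installing others all over the place to scan for viruses, but not a single one of them works...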
天月来了 - 2011-5-22 9:20:00
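Uninstall all the security software and then see how the system behaves. This situation is really hard to judge.

Sometimes, after a system has been affected by malicious programs, it is not easy to know what needs to be repaired.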